Hi,
After we upgraded to 1.7.6, we started seeing authentication issues for
some users who have never signed in review board before. The issue tracked
down was in 1.7.6 after the authentication was done in
LDAPBackend.authenticate(), it calls self.get_or_create_user(username,
ldapo) with ldapo, basically reuses the simple binding object to avoid a
second auth in get_or_create_user(). In 1.6.13, it has to re-authenticate
the simple bind before searching the user.
Reusing ldapo seems to cause LDAP failure for new users (users who sign in
the first time). A typical error is:
(Pdb) search_result = ldapo.search_s(settings.LDAP_BASE_DN,
ldap.SCOPE_SUBTREE,
"(%s)" %
settings.LDAP_UID_MASK % username)
*** INVALID_CREDENTIALS: {'info': '80090308: LdapErr: DSID-0C090334,
comment: AcceptSecurityContext error, data 52e, vece', 'desc': 'Invalid
credentials'}
The problem goes away after switching back to the auth scheme in 1.6.13
--
Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/
---
Sign up for Review Board hosting at RBCommons: https://rbcommons.com/
---
Happy user? Let us know at http://www.reviewboard.org/users/
---
You received this message because you are subscribed to the Google Groups
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
